CVE-2011-1653

CA Total Defense UNC Server r12 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-1653. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/http/ca_totaldefense_regeneratereports.

AI-analyzed exploit summary This Metasploit module exploits a SQL injection vulnerability in CA Total Defense Suite R12 via a crafted SOAP request to '/UNCWS/Management.asmx', allowing arbitrary SQL command execution through the 'reGenerateReports' stored procedure.

Description

Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubywebappscgi

https://www.exploit-db.com/exploits/17922

View Code ZIP pw:eip

This Metasploit module exploits a SQL injection vulnerability in CA Total Defense Suite R12 via a crafted SOAP request to '/UNCWS/Management.asmx', allowing arbitrary SQL command execution through the 'reGenerateReports' stored procedure.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: CA Total Defense Suite R12

No auth needed

Prerequisites: Network access to the target's management interface · MS SQL Server 2005 Express (bundled with CA Total Defense Suite R12)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb

View Code ZIP pw:eip

This Metasploit module exploits a SQL injection vulnerability in CA Total Defense Suite R12 via a crafted SOAP request to '/UNCWS/Management.asmx', allowing arbitrary SQL command execution through the 'reGenerateReports' stored procedure.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: CA Total Defense Suite R12

No auth needed

Prerequisites: Network access to the target's SOAP endpoint on port 34443 · SQL Server with 'xp_cmdshell' enabled or configurable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (22)

Core 22

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/66725

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-11-128/

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/44097

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/8403

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/47355

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517491/100/0/threaded

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-11-133/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517498/100/0/threaded

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517489/100/0/threaded

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-11-129/

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0977

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1025353

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517490/100/0/threaded

Various Sources x_refsource_confirm

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BCD065CEC-AFE2-4D9D-8E0B-BE7F6E345866%7D

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-11-134/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517496/100/0/threaded

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-11-132/

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-11-131/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517497/100/0/threaded

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517494/100/0/threaded

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-11-130/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/517493/100/0/threaded

Scores

EPSS 0.8865

EPSS Percentile 99.8%

Details

CWE

CWE-89

Status published

Products (1)

broadcom/total_defense r12

Published Apr 18, 2011

Tracked Since Feb 18, 2026